1775 matches found
CVE-2024-58267
A vulnerability has been identified within Rancher Manager whereby the SAML authentication from the Rancher CLI tool is vulnerable to phishing attacks. The custom authentication protocol for SAML-based providers can be abused to steal Rancher’s authentication tokens...
[SECURITY] Fedora 42 Update: bird-3.1.4-1.fc42
BIRD is a dynamic IP routing daemon supporting both IPv4 and IPv6, Border Gateway Protocol (BGPv4), Routing Information Protocol (RIPv2, RIPng), Open Shortest Path First protocol (OSPFv2, OSPFv3), Babel Routing Protocol (Babel), Bidirectional Forwarding Detection (BFD), IPv6 router advertisements, static...
SUSE CVE-2024-58267
A vulnerability has been identified within Rancher Manager whereby the SAML authentication from the Rancher CLI tool is vulnerable to phishing attacks. The custom authentication protocol for SAML-based providers can be abused to steal Rancher's authentication tokens...
CVE-2025-20338
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments th...
CVE-2025-20149
A vulnerability in the CLI of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a buffer overflow. An attacker with a...
CVE-2025-20149
CVE-2025-20149 affects Cisco IOS and IOS XE CLI, where a buffer overflow in the CLI could be triggered by crafted commands from a low-privileged, authenticated user to cause an unexpected device reload (DoS). The vulnerability is local-attack accessible (LOCAL), with LOW privileges required and n...
Cisco IOS and IOS XE Software CLI Denial of Service Vulnerability
A vulnerability in the CLI of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a buffer overflow. An attacker with a...
Cisco IOS XE Software CLI Argument Injection Vulnerability
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments th...
Google Gemini CLI Installed (macOS)
Binary data googlegeminiclimacosinstalled.nbin...
Salesforce CLI Security Vulnerability
Salesforce CLI is a command line tool from Salesforce, Inc. that interacts with the Salesforce platform. A security vulnerability exists in Salesforce CLI versions prior to 2.106.6 that stems from an uncontrolled search path element that could lead to the replacement of trusted executables...
[SECURITY] Fedora 42 Update: gh-2.79.0-1.fc42
A command-line interface to GitHub for use in your terminal or your scripts. gh is a tool designed to enhance your workflow when working with GitHub. It provides a seamless way to interact with GitHub repositories and perform various actions right from the command line, eliminating the need to...
Jenkins Cross-Site WebSocket Hijacking
A vulnerability exists in Jenkins versions from 2.217 before 2.442 and from LTS 2.222.1 before LTS 2.426.3 allowing an unauthenticated and remote attacker to trick a user authenticated on the target Jenkins instance and perform Jenkins CLI cross-site arbitrary commands through websockets. No sour...
CVE-2025-37123
A vulnerability in the command-line interface of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to escalate privileges. Successful exploitation of this vulnerability may enable the attacker to execute arbitrary system commands with root privileges on...
CVE-2025-37130
A vulnerability in the command-line interface of EdgeConnect SD-WAN could allow an authenticated attacker to read arbitrary files within the system. Successful exploitation could allow an attacker to read sensitive data from the underlying file system...
CVE-2025-37129
A vulnerable feature in the command line interface of EdgeConnect SD-WAN could allow an authenticated attacker to exploit built-in script execution capabilities. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system if the feature is...
CVE-2025-37126
A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN Gateways Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability will result in the ability to execute arbitrary commands as...
Vulnerabilities fixed in HPE Aruba Networking EdgeConnect SD-WAN Gateways
HPE has fixed vulnerabilities in HPE Aruba Networking EdgeConnect SD-WAN Gateways. The vulnerabilities are in the command-line interface and Web API of the HPE Aruba Networking EdgeConnect SD-WAN Gateways. These vulnerabilities allow authenticated attackers to execute arbitrary system commands wi...
CVE-2025-59691
PureVPN client applications on Linux through September 2025 allow IPv6 traffic to leak outside the VPN tunnel upon network events such as Wi-Fi reconnect or system resume. In the CLI client, the VPN auto-reconnects and claims to be connected, but IPv6 traffic is no longer routed or blocked. In th...
PT-2025-38497
Name of the Vulnerable Software and Affected Versions: PureVPN versions 2.0.1 and 2.10.0. Description: PureVPN client applications on Linux mishandle firewalling. The applications flush existing iptables rules and apply default ACCEPT policies when connecting to a VPN server, removing previously...